There’s a great information security and privacy awareness event coming up, Internet Safety Night on April 23, 2008, 6:30-8:30 p.m.
Great Information Security and Awareness Event Coming In April
February 26th, 2008Have You Reviewed the FTC’s Proposed Privacy Principles Yet?
February 25th, 2008If you are responsible for information security or privacy at your organization, and your organization does marketing, here is something you need to know about and discuss with your marketing folks. I blogged about this in December.
Example privacy breach response plan
February 24th, 2008Too few organizations are prepared to respond to a privacy breach when it happens. Too many naively believe a privacy breach will not happen to them.
It is helpful to look at existing privacy breach notice plans when creating your own. The U.S. government agencies actually provide some good plans you can use as examples.
Educational Security Incidents Year in Review 2007
February 21st, 2008Since I’m talking about “The Anatomy of a Privacy Breach” at Berkeley today, I thought it would be timely to point out a great resource that details the very many privacy breaches that occur within colleges and universities.
The Anatomy of a Privacy Breach
February 20th, 2008Today I’m flying from the very frigid sub-zero temps of Iowa out to the University of California at Berkeley. I was invited to give a lecture, and considering the ongoing increase in privacy breaches, I chose to talk about “The Anatomy of a Privacy Breach.”
Insider Threat: Ex-Employee Takes Files To New Employer
February 19th, 2008Here’s a good article for your files, and to point out to your legal counsel to point out the very real insider threat to information security and privacy…
A Massachusetts trial court recently ruled that the unauthorized transfer of electronic files is actionable as a conversion under Massachusetts’ common law.
Have You Looked In Your Trash Bins Lately?
February 18th, 2008It shouldn’t still amaze me, but it does, how often so many organizations just dump huge amounts of printed paper containing tons of personally identifiable information (PII) right into their dumpster sitting behind their building, in the alley, or some other easily reachable public location.
Here’s yet another example of a business throwing away people’s privacy in their trash dumpster…
Identity Theft #1 Consumer Fraud Complaint To FTC in 2007
February 15th, 2008This week the FTC released the list of the top 20 consumer fraud complaints they received in 2007.
Not surprisingly, identity theft topped their list, accounting for 32% of all the complaints.
New Best Practices Guide For Building Secure Software
February 14th, 2008Many information security incidents and privacy breaches occur as a result of exploiting vulnerabilities in poorly engineered applications and systems.
It is good to see more articles and information about how to build security into applications from the very inception of a project, and continue it through the entire applications and systems lifecycle.
Phisherthieves Like Banks Best
February 13th, 2008Here’s a pretty good mainstream news story from CNN to give to your business leaders to raise their awareness and understanding about phishing…